Rollup merge of #141832 - workingjubilee:explain-what-toctou-races-are, r=thomcc,ChrisDenton - rust

diff options

author	Jacob Pratt <jacob@jhpratt.dev>	2025-06-01 00:35:54 +0200
committer	GitHub <noreply@github.com>	2025-06-01 00:35:54 +0200
commit	7f306d5729fc11d18a88de6f7503b9c2883e250d (patch)
tree	ca572d81a3b9acd23e634a953c50050aa528e414 /compiler/rustc_codegen_llvm/src/llvm_util.rs
parent	542dcbf6a20709f40c72b87f42be36325dba0ab3 (diff)
parent	7f7c415d03e6ec431a65a6f5625026761ab9f913 (diff)
download	rust-7f306d5729fc11d18a88de6f7503b9c2883e250d.tar.gz rust-7f306d5729fc11d18a88de6f7503b9c2883e250d.zip

Rollup merge of #141832 - workingjubilee:explain-what-toctou-races-are, r=thomcc,ChrisDenton

library: explain TOCTOU races in `fs::remove_dir_all`

In the previous description it said there was a TOCTOU race but did not explain exactly what the problem was. I sat down with the CVE, reviewed its text, and created this explanation. This context should hopefully help people understand the actual risk as-such.

Incidentally, it also fixes the capitalization on the name of Redox OS.

Original CVE and advisory:
- CVE: https://www.cve.org/CVERecord?id=CVE-2022-21658
- security advisory: https://groups.google.com/g/rustlang-security-announcements/c/R1fZFDhnJVQ?pli=1
- github cross-post: https://github.com/rust-lang/rust/security/advisories/GHSA-r9cc-f5pr-p3j2

Diffstat (limited to 'compiler/rustc_codegen_llvm/src/llvm_util.rs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: